Magento releases patches and upgraded versions to safeguard stores against potential threats. The patches are for store running in older versions, which are not likely to updated to the latest version.
In order to keep your stores secure, it is highly recommended to install these patch as soon as possible.
First check the latest patch version applied to your Magento installation. When patches are applied a file named applied.patches.list is added in the app/etc/ directory.
You can download the latest patches from Magento official website based upon the Magento version you are using.
Install a patch
Once you have downloaded the required patch file (.sh). Follow below instructions to install patch on your store.
1) Copy the patch file(.sh) to the Magento install root directory.
2) We can install the patches with or without SSH
Without SSH :
Create a php file with the name processpatch.php and write down the following code in it,
Replace the file name in it with the uploaded file name on the root and execute the file from the browser.
With SSH :
You can install patch with SSH as well. You have to give the following command under a user who can (authorized to) write Magento files
$ sh <patch-file-name.sh>
If the patch updation is successful, you will get a message as below
Patch was applied/reverted successfully.
else show the error details
-e ERROR: Patch can’t be applied/reverted successfully.
You need to fix the listed issues related to patch updations, it may vary upon the Magento version and patches.
3) After installation you need to regain authority over the modified files
Revert a patch
Simply use the below SSH command from Magento install root directory. Be sure that the patch file is there in the directory to proceed.
$ sh <patch-file-name.sh> -R
It is highly recommended to get your Magento version upgraded to the latest version, so all the patches will be applicable in it.